Giving Graft permission to access GBQ
Overview
Graft uses a Service Account to connect to your data in Google Bigquery, using the provided Project and Dataset names you will configure in Graft when creating a GBQ Data source
To enable this connection you will need to configure suitable permissions for the Graft Service Account, this document details the required steps.
KEEPING YOUR DATA SAFE
The permissions you are giving Graft are READ-ONLY and for a specific GCP project. They will need to be granted for every project rather than a blanket permission.
Granting Permissions
Within the IAM tab for the project you wish to grant Graft access to Click on the GRANT ACCESS button at the top of the screen
Add the following Principal information
graft-connectors@graft-connectors-prod-iam.gserviceaccount.com
name : Graft Connectors
Next Define the required Role
- Click Select a Role
- Select BigQuery
- Select BigQuery User
- Click + Another Role button
- Add BigQuery > BigQuery Data Viewer
You should end up with a Principal entry as follows:
Congratulations, your project has now granted access to the Graft Service Account.